We've seen in the past year how the global pandemic is accelerating technology adoption as companies innovate to compete in an increasingly digital economy to meet evolving consumer demands. This is a positive development and will enhance the global economy’s recovery and its long-term sustainability. But with digital transformation comes risk, and the implementation of new and innovative digital technologies without the appropriate safeguards can come at a very real financial and operational costs.
Despite best intentions, unsecured innovation continues to feed a growing and increasingly sophisticated cyber crime industry, with the financial cost of cyber crime being described as the greatest transfer of economic wealth in history. The cost of cyber crime globally continues to grow annually, money that could be channelled towards building a more resilient, digital economy. While digitization offers many opportunities to create a more robust economy, the reality is that as our economy rapidly evolves to embrace Industry 4.0, so do cyber criminals’ strategies and approaches to undermine security and boost their coffers.
For cyber criminals, business is booming. This rogue sector’s bottom line is fed by the damage and destruction of data, theft of money and intellectual property, embezzlement and fraud while the victims have to accommodate the related costs created post-attack disruption to business operations, forensic investigation, the restoration and deletion of hacked data and systems and reputational harm. In sum, it has become very big business.
The threat landscape constantly evolves as hackers become more ambitious. The latest targets are industrial control systems, where new risk scenarios have emerged as the systems that control critical infrastructure become connected to the internet. Colonial Pipeline, a top United States fuel pipeline operator, was forced to shut down its network—the source of nearly half of the U.S. East Coast’s fuel supply—after a cyber-attack involving ransomware. Fuel prices jumped days after the attack, when it was apparent that not all the systems were restored. This follows the recent SolarWinds breach that saw hackers infiltrate the IT infrastructure of top U.S. Fortune 500 companies and potentially compromising industrial control systems through backdoors in IT networks.
This has been described as the largest and most sophisticated attack the world has seen. In between SolarWinds breach and the Colonial Pipeline cyber attack, another news story broke of hackers hijacking the controls of the Florida water management system, injecting more chemicals which could cause adverse health effects.
While two are linked to critical public infrastructure and the other affected large government and the majority of Fortune 500 companies, all attacks demonstrate the increasing vulnerabilities created by the increasing digitization of industrial control systems. Confronted by this escalating risk landscape, there are three important measures that companies can take immediately:
Implement network segmentation strategies: This means building a shield around your key data, your operational assets and your weakest links, which tend to be vulnerable, aging and hard to replace legacy technologies. Appropriate segmentation improves an organization’s security posture and helps harden the controls network. Experts recommend the use firewalls, data diodes and routers for greater control of data flows, as these can act as a layer of protection between your business systems and your ICS. Where possible, set up ‘demilitarized zones’ (DMZs) between the ICS and business IT networks, and direct all communication to and from the ICS through the DMZ to avoid exposures. It’s also important to implement network monitoring and logging of activities on the ICS network to detect unauthorized activities. Even in well-segmented networks you need to be vigilant about back doors inadvertently created. For example, equipment manufacturers and vendors often remotely extract data from machinery to monitor and optimize it.
Eliminate the human factor: People are your greatest risk but also your greatest asset in combating cyber crime. Understand how people and devices connect to your systems, including how you allow third parties to connect. Consider how operators access control systems and what your password management practices are, including how often they are updated, how simple they are, and if multiple people share the same usernames and passwords to access important systems. This level of understanding will help you shape communication and training to address vulnerabilities and put in place security systems and protocols best suited to your business.
Build a security culture:Think of your workspace as a safe zone, where you need everyone to be committed. Action shouldn’t be only top-down. It needs to include those from the bottom-up of an organization to make a difference. For example, if someone picks up a USB, an automatic thought may be to plug it in and play it, to check for clues as to who the content might belong to. But what if that USB contains malware? Anyone can be a weak link in an organization, so it’s important to create a strong security culture, backed by training and continuous enhancement of your security systems.
We live in unprecedent times, faced with unprecedented levels of cyber crime and an evolving threat landscape. Responding to this challenge requires a commitment beyond an organization’s IT function. Rather, it needs to be a whole-of-organization commitment supported by a security culture that’s informed by best practices and led from the top.
While there are encouraging signs that business leaders are more aware of the threat cyber crime presents, there is a long way to go to improve protection and halt the staggering gains generated by cyber criminals. There is no time for inaction or indifference, particularly given the transition to remote working and its impact on the threat landscape coupled with a critical shortage of cyber security capability globally. Not unlike the community policing schemes that were implemented in neighborhoods to spot and report on suspect activity, the best way to check the growth of an increasingly rampant cyber crime industry is shared ownership, supported by the right information and tools to promote community vigilance and safety.
As originally published in CPO Magazine, June 16, 2021.
Learn how FM Global promotes Cyber Resilience
Cyber Attacks on Water and Gas. What’s Next? Assess your cyber risk now and prepare
Download FM Global’s Cyber Loss Newsletter
SolarWinds Supply Chain Attack Advisory
Invisible Attackers Waiting at Your Industrial Systems Gate: Be Wary, Be Prepared, Stay Resilient